X-Git-Url: http://www.git.stargrave.org/?a=blobdiff_plain;f=tls.go;h=b2ad433d6ddc0bb3d16c2c0b391b4ae0fadfa8cb;hb=e05f6f8830b01d52cc21cd5f97cef6616a5334b9;hp=0451b0328f27b66dd1150155174567ea359d711d;hpb=e863948778e2d7191e8e27e5e01f8e49e9f5328c;p=godlighty.git

diff --git a/tls.go b/tls.go
index 0451b03..b2ad433 100644
--- a/tls.go
+++ b/tls.go
@@ -67,12 +67,17 @@ func GetCertificate(chi *tls.ClientHelloInfo) (*tls.Certificate, error) {
 			return cert, nil
 		}
 	}
-	if CHIHasEdDSA(chi) {
-		if cert := HostToEdDSACertificate[chi.ServerName]; cert != nil {
-			return cert, nil
+	var cert *tls.Certificate
+	if len(HostToECDSACertificate) == 0 {
+		cert = HostToEdDSACertificate[chi.ServerName]
+	} else {
+		if CHIHasEdDSA(chi) {
+			if cert := HostToEdDSACertificate[chi.ServerName]; cert != nil {
+				return cert, nil
+			}
 		}
+		cert = HostToECDSACertificate[chi.ServerName]
 	}
-	cert := HostToECDSACertificate[chi.ServerName]
 	if cert == nil {
 		return nil, errors.New("no certificate found")
 	}
@@ -84,7 +89,7 @@ func GetConfigForClient(chi *tls.ClientHelloInfo) (*tls.Config, error) {
 	if CHIHasGOST(chi) {
 		pool = HostGOSTClientAuth[chi.ServerName]
 	}
-	if pool == nil && CHIHasEdDSA(chi) {
+	if pool == nil && (CHIHasEdDSA(chi) || len(HostECDSAClientAuth) == 0) {
 		pool = HostEdDSAClientAuth[chi.ServerName]
 	}
 	if pool == nil {